Trivial examples of application-level backup and restore using Kanister blueprints
Fork and clone this repository, then navigate to the project root and follow the instructions below.
The pre-commit hook runs formatting and sanity checks such as tofu fmt to reduce the chance of accidentally submitting badly formatted code that would fail CI.
ln -s ../../hooks/pre-commit ./.git/hooks/pre-commit- An AWS account
- Valid AWS credentials for an IAM administrator account - see Configure the AWS CLI for details
- OpenTofu v1.7.2 or later
- A Kubernetes cluster - spin one up with kind if in doubt
- Cluster-admin access to the Kubernetes cluster with
kubectl - Helm
- The Kanister operator installed on our Kubernetes cluster
Create the S3 bucket for storing our Kanister backups using OpenTofu:
tofu init
tofu plan
tofu applySupported variables:
| Name | Type | Required | Default value | Description |
|---|---|---|---|---|
profile |
string |
- | "default" |
The profile to assume from the AWS credentials file |
region |
string |
- | "ap-east-1" |
The AWS region to assume |
The time logger example is based on the Kanister tutorial.
First create a deployment which appends a timestamp to the log file at /var/log/time.log every second:
kubectl create -f time-logger/deployment.yamlWait for the pods in our deployment to become ready:
kubectl wait \
--for=condition=Ready \
pods \
-l app=time-logger \
--timeout=180sSample output:
pod/time-logger-777955ffb4-q6bmp condition met
The log file is streamed to STDOUT via the busybox container:
kubectl logs -l app=time-logger -c busyboxSample output:
Sat Jun 8 13:56:27 UTC 2024
Sat Jun 8 13:56:28 UTC 2024
Sat Jun 8 13:56:29 UTC 2024
Sat Jun 8 13:56:30 UTC 2024
Sat Jun 8 13:56:31 UTC 2024
Sat Jun 8 13:56:32 UTC 2024
Sat Jun 8 13:56:33 UTC 2024
Sat Jun 8 13:56:34 UTC 2024
Sat Jun 8 13:56:35 UTC 2024
Sat Jun 8 13:56:36 UTC 2024
Create the ConfigMap and Secret which contain our bucket URL and AWS credentials for accessing our bucket:
kubectl create -f time-logger/configmap.yaml
kubectl create -f time-logger/secret.yamlNow create our Kanister blueprint. The blueprint defines backup and restore actions for our log file but does not execute them.
kubectl create -f time-logger/blueprint.yamlTo run the backup action defined in our blueprint, create an ActionSet invoking that action.
kubectl create -f time-logger/backup-actionset.yamlWait a few seconds and confirm that the backup ActionSet has entered a "complete" state:
kubectl -n kanister get actionsets.cr.kanister.ioSample output:
NAME PROGRESS SIZEDOWNLOADEDB SIZEUPLOADEDB ESTIMATEDDOWNLOADSIZEB ESTIMATEDUPLOADSIZEB RUNNING PHASE LAST TRANSITION TIME STATE
time-logger-s3backup-n6h8q 100 2024-06-08T13:51:24Z complete
Confirm that a log file time-logger/XXXX-XX-XX was uploaded to S3 as well.
Optionally run the restore ActionSet as well and confirm that it runs to completion, though you'll probably need to edit the restoreDate beforehand which is hardcoded to 2024-06-08 in the given template:
kubectl create -f time-logger/restore-actionset.yamlNow view the contents of the log file /var/log/time.log within the pod and observe that log file was overwritten by the restore operation.